package cn.edu.nju.ws.sview.servlets;

import java.io.IOException;
import java.net.URLDecoder;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.log4j.Logger;
import org.json.simple.JSONObject;
import org.json.simple.JSONValue;

import cn.edu.nju.ws.sview.database.DBConnectionFactory;
import cn.edu.nju.ws.sview.util.MD5;

public class LoginValidate extends HttpServlet{
    private Logger logger = Logger.getLogger(LoginValidate.class.getName());
	/**
	 * 
	 */
	private static final long serialVersionUID = 1L;

	@Override
	protected void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		// TODO Auto-generated method stub
		String option=null;
		String json=null;
		request.setCharacterEncoding("utf-8");
        if(request.getParameter("register")!=null){
			json = request.getParameter("register");
			option="register";
		}else if(request.getParameter("login")!=null){
			json = request.getParameter("login");
			option="login";
		}
	    if(option.equals("register")){
			String str = URLDecoder.decode(json,"utf-8");
			JSONObject regtJSON = (JSONObject) JSONValue.parse(str);
			String action = (String)regtJSON.get("action") ;
			String value = (String)regtJSON.get("value") ;
			if(action.equals("emailExistTest")||action.equals("nameExistTest")){
				String result = null;
				try {
					Connection con =DBConnectionFactory.getConnection();
					Statement stmt1 = con.createStatement();
					Statement stmt2= con.createStatement();
					String sql1 = null;
					String sql2 = null;
					if(action.equals("emailExistTest")){
						sql1 =String.format("select id from user where email='%s'",value );
						sql2 =String.format("select id from user_validate where email='%s'",value );
					}
					else if(action.equals("nameExistTest")){
						sql1 = String.format("select id from user where name='%s'",value );
						sql2 = String.format("select id from user_validate where name='%s'",value );
					}
					ResultSet rs1 = stmt1.executeQuery(sql1);
					ResultSet rs2 = stmt2.executeQuery(sql2);
					if(rs1.next() || rs2.next()){
					    result="exist";
					}else
						result="notExist" ;
					rs1.close();
					rs2.close();
					con.close();
				} catch (SQLException e) {
					// TODO Auto-generated catch block
					e.printStackTrace();
				}
				response.getWriter().print(result) ;
			}
 		}else if(option.equals("login")){
			String str = URLDecoder.decode(json,"utf-8");
			JSONObject regtJSON = (JSONObject) JSONValue.parse(str);
			String user = (String)regtJSON.get("user") ;
			String pwd = (String)regtJSON.get("pwd") ;
			String result = null;
			try {
				Connection con =DBConnectionFactory.getConnection();
				Statement stmt = con.createStatement();
				String sql = String.format("select id from user where name='%s' and password='%s'",user,MD5.makeMD5Str(pwd));
				ResultSet rs = stmt.executeQuery(sql);
				if(rs.next()){
				    result="validate";
				}else
					result="invalidate" ;
				con.close();
			} catch (SQLException e) {
				// TODO Auto-generated catch block
				e.printStackTrace();
			}
			response.getWriter().print(result) ;
 		}
	}
    
}
